From 45079ae1e6773530c990954a65499c7b73a943d6 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 15 Aug 2025 13:21:59 +0900
Subject: [PATCH] hostname-setup: do not trigger assertion when uname() is
 prohibited by seccomp

gethostname_full() is used in nss-myhostname, and hence random
application may indirectly call it. When an application with a too strict
seccomp filter loads the nss module, the application may trigger the
assertion.

Partially fixes #38582.
---
 src/shared/hostname-setup.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/shared/hostname-setup.c b/src/shared/hostname-setup.c
index 0d21e0482d1..ac13d06fb23 100644
--- a/src/shared/hostname-setup.c
+++ b/src/shared/hostname-setup.c
@@ -316,7 +316,8 @@ int gethostname_full(GetHostnameFlags flags, char **ret) {
 
         assert(ret);
 
-        assert_se(uname(&u) >= 0);
+        if (uname(&u) < 0)
+                return -errno;
 
         s = u.nodename;
         if (isempty(s) || streq(s, "(none)") ||
-- 
2.47.3